In recent years, industrial control systems have been widely deployed across critical industries, including manufacturing, automation, and power plants. Their widespread use in vital infrastructure has made ensuring their security increasingly important. This chapter contributes a taxonomy and a mapping study of security vulnerabilities in industrial PLC software. The research contains an in-depth analysis of security vulnerabilities, the attacks that exploit them, and the proposed solutions. The primary objective of this chapter is to establish a comprehensive taxonomy that identifies and classifies vulnerabilities, attacks, and solutions pertinent to security in industrial PLCs. Notably, the proposed taxonomy is further demonstrated across the entire DevOps continuum, from the initial design phase to the operation of PLC systems. The outcomes of this research have substantial potential to assist both researchers and practitioners involved in mitigating security vulnerabilities and combating attacks targeting industrial PLCs.